Breaking Changes:
- Adds compromise mode to zero-trust architecture for UX
- Enables password recovery via physical Docker access

Key Features:
- 6-digit recovery codes output to Docker logs for physical access control
- Recovery DEK layer preserves user encrypted data during password reset
- Zero-trust migration path for future security upgrade
- Critical fix for password reset data loss vulnerability

Security Model:
- Physical access required (Docker logs access)
- 1-minute code expiry with 3-attempt limit
- Recovery keys stored encrypted in database
- Gradual migration path to zero-trust mode

Technical Details:
- Schema: Added recovery_dek, backup_encrypted_dek, zero_trust_mode fields
- API: New /recovery/* endpoints for recovery flow
- UI: Complete password recovery interface redesign
- Crypto: Recovery layer in KEK-DEK architecture
- Migration: ZeroTrustMigration utility for future upgrades

Bug Fixes:
- Fixed critical password reset vulnerability causing permanent data loss
- Fixed JWT token storage inconsistency in recovery login
- Proper KEK-DEK re-encryption during password reset
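
The code-handling rules listed under Security Model (6 digits, 1-minute expiry, 3-attempt limit, delivery through the container log), written out as an added example that is not code from this commit. The names `RecoveryCode` and `issue_code`, the salted SHA-256 storage and the single-use rule are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

CODE_TTL_SECONDS = 60   # "1-minute code expiry" from the commit message
MAX_ATTEMPTS = 3        # "3-attempt limit" from the commit message


class RecoveryCode:
    """One issued code; the class name and layout are hypothetical."""

    def __init__(self, now):
        # secrets.randbelow draws from the OS CSPRNG; keep leading zeros.
        self.plaintext = f"{secrets.randbelow(10**6):06d}"
        self._salt = secrets.token_bytes(16)
        self._digest = self._hash(self.plaintext)
        self._expires_at = now + CODE_TTL_SECONDS
        self._attempts_left = MAX_ATTEMPTS
        self._used = False

    def _hash(self, code):
        return hashlib.sha256(self._salt + code.encode()).digest()

    def verify(self, candidate, now):
        """Return 'ok', 'expired', 'locked' or 'wrong'."""
        if self._used or now >= self._expires_at:
            return "expired"
        if self._attempts_left == 0:
            return "locked"
        # Spend the attempt before comparing so a failure cannot refund it.
        self._attempts_left -= 1
        # Constant-time comparison of digests, not of the raw strings.
        if hmac.compare_digest(self._hash(candidate), self._digest):
            self._used = True   # single use (assumption): replays are rejected
            return "ok"
        return "wrong"


def issue_code(now):
    """Issue a code and write it to stdout, which Docker captures as the log."""
    code = RecoveryCode(now)
    print(f"[recovery] code={code.plaintext} valid for {CODE_TTL_SECONDS}s")
    # Drop the plaintext from the server-side object; the digest of a 6-digit
    # code is trivially brute-forced offline, so this is hygiene, not secrecy.
    plaintext, code.plaintext = code.plaintext, None
    return code, plaintext
```

With the limit enforced per issued code, a remote guesser succeeds with probability at most 3 in 10^6 for that code. That bound holds only if requests for a fresh code are themselves rate-limited.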
54 KiB